diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a9953cb..1f6393e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -6,4 +6,4 @@ updates: directory: "/" schedule: # Check for updates to GitHub Actions every weekday - interval: "daily" + interval: "weekly" diff --git a/.github/workflows/new-release.yml b/.github/workflows/new-release.yml index 670ffad..4ee9c3e 100644 --- a/.github/workflows/new-release.yml +++ b/.github/workflows/new-release.yml @@ -5,23 +5,27 @@ on: branches: - main +# permissions: [] + # contents: read + # packages: write + jobs: new-release: runs-on: ubuntu-20.04 steps: - - name: Checkout - uses: actions/checkout@v3 - with: - persist-credentials: false + - name: Checkout + uses: actions/checkout@v3 + with: + persist-credentials: false - - name: Install nodejs - uses: actions/setup-node@v2 - with: - node-version: '16' + - name: Install nodejs + uses: actions/setup-node@v3 + with: + node-version: "16" - - name: Run semantic release - run: | - npm install - npx multi-semantic-release - env: - GITHUB_TOKEN: ${{ secrets.PAT }} + - name: Run semantic release + run: | + npm install + npx multi-semantic-release + env: + GITHUB_TOKEN: ${{ secrets.PAT }} diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml index fa8ed9f..eb5fa71 100644 --- a/.github/workflows/publish-image.yml +++ b/.github/workflows/publish-image.yml @@ -5,6 +5,10 @@ on: tags: - "**" +# permissions: [] +# contents: read +# packages: write + jobs: new-release: runs-on: ubuntu-20.04 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 64a7528..de029ea 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -39,7 +39,7 @@ repos: args: [--config=.hadolint.yaml] - repo: https://github.com/bridgecrewio/checkov.git - rev: "2.2.154" + rev: "2.2.279" hooks: - id: checkov files: "" @@ -53,7 +53,7 @@ repos: - hook-config=--config .gitleaks.toml - repo: https://github.com/gitguardian/ggshield - rev: v1.14.1 + rev: v1.14.2 hooks: - id: ggshield language_version: python3 diff --git a/docker/py3.9/Dockerfile b/docker/py3.9/Dockerfile index 1cf5a26..f0edb5e 100644 --- a/docker/py3.9/Dockerfile +++ b/docker/py3.9/Dockerfile @@ -54,7 +54,7 @@ RUN rm -rf /var/lib/apt/lists/* \ echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && \ locale-gen && \ # ================================================================== - # python and git + # python, git # ------------------------------------------------------------------ add-apt-repository ppa:deadsnakes/ppa && \ add-apt-repository ppa:git-core/ppa && \ @@ -71,11 +71,28 @@ RUN rm -rf /var/lib/apt/lists/* \ python3.9 ~/get-pip.py && \ ln -s /usr/bin/python3.9 /usr/local/bin/python3 && \ ln -s /usr/bin/python3.9 /usr/local/bin/python && \ + # ================================================================== + # nodejs + # ------------------------------------------------------------------ + curl -sL https://deb.nodesource.com/setup_16.x -o /tmp/nodesource_setup.sh && \ + bash /tmp/nodesource_setup.sh && \ + apt-get install nodejs=16.19.0-deb-1nodesource1 -y + +COPY dvcorg-cml-0.18.17.tgz /tmp/dvcorg-cml-0.18.17.tgz + +# Split apt update stages to avoid cache invalidation +RUN \ # ================================================================== # minio client # ------------------------------------------------------------------ curl -o /usr/local/bin/mc -L "https://dl.min.io/client/mc/release/linux-amd64/mc" && \ - chmod +x /usr/local/bin/mc + chmod +x /usr/local/bin/mc && \ + # ================================================================== + # cml + # ------------------------------------------------------------------ + npm install --global /tmp/dvcorg-cml-0.18.17.tgz + # curl -o /usr/local/bin/cml -L "https://github.com/iterative/cml/releases/download/v0.18.17/cml-linux-x64" && \ + # chmod +x /usr/local/bin/cml # ================================================================== # python libraries # ------------------------------------------------------------------ diff --git a/docker/py3.9/dvcorg-cml-0.18.17.tgz b/docker/py3.9/dvcorg-cml-0.18.17.tgz new file mode 100644 index 0000000..9e22970 Binary files /dev/null and b/docker/py3.9/dvcorg-cml-0.18.17.tgz differ